Support SameOrigin
This commit is contained in:
parent
5677bc4dd9
commit
3e94e9d5f9
|
@ -1,14 +1,26 @@
|
|||
<?php
|
||||
|
||||
/** Allow using Adminer inside a frame
|
||||
/** Allow using Adminer inside a frame (disables ClickJacking protection)
|
||||
* @author Jakub Vrana, http://www.vrana.cz/
|
||||
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
|
||||
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
|
||||
*/
|
||||
class AdminerFrames {
|
||||
var $sameOrigin;
|
||||
|
||||
/**
|
||||
* @param bool allow running from the same origin only
|
||||
*/
|
||||
function AdminerFrames($sameOrigin = false) {
|
||||
$this->sameOrigin = $sameOrigin;
|
||||
}
|
||||
|
||||
function headers() {
|
||||
if ($this->sameOrigin) {
|
||||
header("X-Frame-Options: SameOrigin");
|
||||
}
|
||||
header("X-XSS-Protection: 0");
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue